<?php 

	require_once('init.php');
	include('inc/top.php');

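	/**
	 * Build the Steam Community profile URL for a colon-separated SteamID.
	 *
	 * The second and third colon-separated fields (Y and Z) are combined as
	 * Z * 2 + Y and added to the base 76561197960265728. The addition is done
	 * in two decimal halves with an explicit carry: plain concatenation of the
	 * prefix "765611979" with the low half yields a wrong id as soon as the low
	 * half grows past eight digits.
	 *
	 * @param string $steamid Colon-separated id (constructed example: "STEAM_0:1:12345").
	 * @return string Profile URL, or "#" when the Y/Z fields are missing or not plain digits.
	 */
	function steamid($steamid) {
		$parts = explode(":", (string) $steamid);

		// The result is echoed into an href attribute by the caller, so only
		// digit-only fields are allowed to reach the URL.
		if (count($parts) < 3 || !ctype_digit($parts[1]) || !ctype_digit($parts[2])) {
			return '#';
		}

		$accountid = (int) $parts[2] * 2 + (int) $parts[1];

		// Low eight digits of the base plus the account id; anything above
		// eight digits is carried into the high part.
		$low = 60265728 + $accountid;
		$carry = (int) floor($low / 100000000);
		$low = $low - $carry * 100000000;

		return 'http://steamcommunity.com/profiles/' . sprintf('%d%08d', 765611979 + $carry, $low);
	}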

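	// Resolve the display name and profile id of whoever issued the ban.
	if ($consoleban == true) {
		// Console bans are not looked up in sm_admins.
		$banningadminname = "Console";
		$banningadminid = "0";
	} else {
		$banningadminsid = $bandetailsrow['banned_by_id'];

		// Values read back from the database are still data, not SQL: escape them
		// before they are placed inside a quoted literal again.
		// NOTE(review): die(mysql_error()) prints the raw database error to the visitor;
		// logging it and showing a generic message would avoid leaking schema details.
		$banningadminsid_sql = mysql_real_escape_string($banningadminsid);
		$banningadminidq = mysql_query("SELECT id FROM sm_admins WHERE identity='$banningadminsid_sql'") or die(mysql_error());
		$banningadminida = mysql_fetch_assoc($banningadminidq);
		$banningadminid = $banningadminida['id'];

		$banningadminid_sql = mysql_real_escape_string($banningadminid);
		$banningadminnameq = mysql_query("SELECT name FROM sm_admins WHERE id='$banningadminid_sql'") or die(mysql_error());
		$banningadminnamea = mysql_fetch_assoc($banningadminnameq);
		$banningadminname = $banningadminnamea['name'];
	}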

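	// Admin-only POST handlers: post a note on this ban, or attach a demo archive to it.
	// This has to be a comparison. Written as an assignment it sets $userisadmin to true
	// for every visitor, which opens these handlers and every later
	// "$userisadmin == true" section of the page to non-admins.
	// NOTE(review): no anti-CSRF token is checked in this file; confirm init.php covers it.
	if($userisadmin == true) {
		if(isset($_POST['postbannote'])) {

			$input_banid = sanitizeString($banid);
			$input_adminid = sanitizeString($curradminid);
			$input_post = sanitizeString($_POST['posttext']);
			mysql_query("INSERT INTO mysql_bans_notes (banid, admin_id, post) VALUES ('$input_banid', '$input_adminid', '$input_post')") or die(mysql_error());
			// NOTE(review): confirm redirect() ends the request; otherwise the page keeps rendering.
			redirect("bandetails.php?banid=" . $banid);
		}

		if(isset($_POST['postbandemo'])) {

			$error_types = array(
				UPLOAD_ERR_INI_SIZE=>'The uploaded file exceeds the upload_max_filesize directive in php.ini.',
				UPLOAD_ERR_FORM_SIZE=>'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.',
				UPLOAD_ERR_PARTIAL=>'The uploaded file was only partially uploaded.',
				UPLOAD_ERR_NO_FILE=>'No file was uploaded.',
				UPLOAD_ERR_NO_TMP_DIR=>'Missing a temporary folder.',
				UPLOAD_ERR_CANT_WRITE=>'Failed to write file to disk.',
				UPLOAD_ERR_EXTENSION=>'A PHP extension stopped the file upload.'
			);

			// A missing or malformed file field is reported like an empty upload.
			$upload_error = (isset($_FILES['postdemo']['error']) && is_int($_FILES['postdemo']['error']))
				? $_FILES['postdemo']['error']
				: UPLOAD_ERR_NO_FILE;

			if($upload_error == UPLOAD_ERR_OK) {
				// The extension comes from the client-supplied name and the file contents are
				// not inspected. Only this checked extension is reused in the stored name,
				// so the stored file can end in nothing but .zip or .rar.
				$file_type = strtolower(substr($_FILES['postdemo']['name'], -4));

				if($file_type!=".zip" && $file_type!=".rar") {
					echo "<div id='main_red'><p>Demo must be in a ZIP or RAR file.</p></div>";
				} else {
					// Stored name: md5 of the banned steam_id plus the current time, then the extension.
					$namemd5 = md5($bandetailsrow['steam_id'] . time());
					$newfilename = $namemd5 . $file_type;

					// Record the demo only once the file is really in place, so the table
					// never points at a file that was not written.
					if(move_uploaded_file($_FILES["postdemo"]["tmp_name"], "demos/" . $newfilename)) {
						$demo_banid = mysql_real_escape_string($banid);
						mysql_query("INSERT INTO sm_demos (banid, filename) VALUES ('$demo_banid','$newfilename');") or die(mysql_error());
					} else {
						echo "<div id='main_red'><p>" . $error_types[UPLOAD_ERR_CANT_WRITE] . "</p></div>";
					}
				}
			} else {
				$error_message = isset($error_types[$upload_error]) ? $error_types[$upload_error] : 'Unknown upload error.';
				echo "<div id='main_red'><p>$error_message</p></div>";
			}
		}
	}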
	
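	// Management-group-only POST handlers: delete this ban, or delete one of its notes.
	// NOTE(review): neither action checks an anti-CSRF token here; confirm init.php does.
	if ($user->data['group_id'] == $mgmtgroup) {
		if(isset($_POST['deleteban'])) {
			// Escaped at the point of use; this file does not show whether $banid
			// was already cleaned where it is first read.
			$delete_banid = mysql_real_escape_string($banid);
			mysql_query("DELETE FROM mysql_bans WHERE id='$delete_banid'") or die(mysql_error());
			redirect('bans.php');
		}

		if(isset($_POST['deletenote'])) {
			// NOTE(review): $bannoteid is not assigned anywhere above this point in the file,
			// and the delete-note form on this page posts no note id; confirm where it is set.
			$delete_noteid = isset($bannoteid) ? mysql_real_escape_string($bannoteid) : '';
			mysql_query("DELETE FROM mysql_bans_notes WHERE id='$delete_noteid'") or die(mysql_error());
			redirect("bandetails.php?banid=" . $banid);
		}
	}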

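	// Load what the page below renders: notes, demos, and every ban on the same SteamID.
	// Both lookup values are escaped here because this file does not show whether they
	// were cleaned where they were first read.
	$banid_sql = mysql_real_escape_string($banid);
	$steamid_sql = isset($bandetailsrow['steam_id']) ? mysql_real_escape_string($bandetailsrow['steam_id']) : '';

	$bannotesq = mysql_query("SELECT * FROM mysql_bans_notes WHERE banid='$banid_sql' ORDER BY id ASC") or die(mysql_error());
	$bannotesbool = mysql_num_rows($bannotesq);
	$nobannotes = ($bannotesbool == 0);

	$bandemosq = mysql_query("SELECT * FROM sm_demos WHERE banid='$banid_sql' ORDER BY id ASC") or die(mysql_error());
	$bandemosbool = mysql_num_rows($bandemosq);
	$nobandemos = ($bandemosbool == 0);

	// A failed query counts as "no other bans" instead of handing false to mysql_num_rows().
	$alreadybannedq = mysql_query("SELECT * FROM mysql_bans WHERE steam_id='$steamid_sql' ORDER BY id DESC");
	$alreadybannedcount = $alreadybannedq ? mysql_num_rows($alreadybannedq) : 0;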

?>

<div id="main_gray"><h1>Ban Details</h1></div>

<?php
	if (empty($banid)) {
		echo "<div id='main_red'><p>No Ban Specified</p></div>";
	} elseif (empty($bandetailsrow)) {
		echo "<div id='main_yellow'><p>Invalid Ban Specified</p></div>";
	} else { ?>
		
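		<table class="table" id="tableborder" cellspacing="3" cellpadding="5" align="center">
			<?php
				// Ban summary. The values come from the database and nothing in this file shows
				// them to be HTML-safe, so each one is escaped for the place it is printed:
				// htmlspecialchars() for text and attribute values, urlencode() for query values.
				// NOTE(review): $bantime is built outside this file and is printed as-is;
				// confirm it cannot carry stored text.
			?>
			<tr><td align="right"><b>Username:</b></td><td align="left"><?php echo htmlspecialchars($bandetailsrow['player_name'], ENT_QUOTES); ?></td></tr>
			<tr><td align="right"><b>SteamID:</b></td><td align="left"><a href="<?php echo htmlspecialchars(steamid($bandetailsrow['steam_id']), ENT_QUOTES); ?>"><?php echo htmlspecialchars($bandetailsrow['steam_id'], ENT_QUOTES); ?></a></td></tr>
			<tr><td align="right"><b>Reason:</b></td><td align="left"><?php echo htmlspecialchars(stripslashes($bandetailsrow['ban_reason']), ENT_QUOTES); ?></td></tr>
			<tr><td align="right"><b>Length:</b></td><td align="left"><?php echo $bantime; ?></td></tr>
			<tr><td align="right"><b>Banned By:</b></td><td align="left"><a href="profile.php?id=<?php echo urlencode($banningadminid); ?>"><?php echo htmlspecialchars(stripslashes($banningadminname), ENT_QUOTES); ?></a></td></tr>
			<tr><td align="right"><b>Date/Time:</b></td><td align="left"><?php echo date("M. j, Y g:i a", strtotime($bandetailsrow['timestamp'])); ?></td></tr>
			<tr><td align="right"><b>Total bans:</b></td><td align="left"><?php echo $alreadybannedcount; ?></td></tr>
			<?php if($alreadybannedcount > 1) { ?>
				<tr><td align="right"><b>Other bans:</b></td>
					<td align="left">
						<?php
						// Link every other ban recorded for the same SteamID, skipping the one on display.
						while($alreadybanneda = mysql_fetch_array($alreadybannedq))
						{
							if($alreadybanneda['id'] != $banid) {
								$otherbanhref = urlencode($alreadybanneda['id']);
								$otherbantext = htmlspecialchars($alreadybanneda['id'], ENT_QUOTES);
								echo "<a href='bandetails.php?banid={$otherbanhref}'>Ban #{$otherbantext}</a><br />";
							}
						}
						?>
					</td>
				</tr>
			<?php } ?>
		</table>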
	
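		<table cellspacing="3" cellpadding="5" align="center">
			<?php
				// Action buttons. $banid lands inside a URL that sits in a JavaScript string
				// inside an HTML attribute; urlencode() leaves no quote or angle bracket that
				// could break out of any of those three layers.
				// NOTE(review): the Delete Ban form carries no anti-CSRF token.
			?>

			<tr valign="top">
				<td><input type="button" name="back" value="Back" class="searchbutton" onClick="javascript:history.back();"></td>
				<td><input type="button" name="protest" value="Protest Ban" class="searchbutton" onClick="javascript:window.location='protestban.php?banid=<?php echo urlencode($banid); ?>'"></td>

				<?php if ($user->data['group_id'] == $mgmtgroup) { ?>

					<td><input type="button" name="edit" value="Edit Ban" class="searchbutton" onClick="javascript:window.location='editban.php?banid=<?php echo urlencode($banid); ?>'"></td>
					<td><form action="bandetails.php?banid=<?php echo urlencode($banid); ?>" method="post"><input type="submit" name="deleteban" value="Delete Ban" class="searchbutton" /></form></td>

				<?php } ?>
			</tr>

		</table>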
		
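		<table class="table" id="tableborder" cellspacing="3" cellpadding="5" align="center">
			<tr><td align="center" colspan="2"><h1>Ban Demos</h1></td></tr>

			<?php
				// One download link per demo attached to this ban; ids are URL-encoded
				// before they are written into the href.
				if($nobandemos == true) {
					echo '<tr><td width="450"><p>No Ban Demos</p></td></tr>';
				} else {

					while($bandemosinfo = mysql_fetch_assoc($bandemosq)) {

						$bandemoid = $bandemosinfo['id'];

			?>

						<tr><td align="center"><a href="getdemo.php?did=<?php echo urlencode($bandemoid); ?>">Download demo</a></td></tr>
		<?php
					}
				}

		// The upload form is shown to admins only; the POST handler at the top of the
		// file has to enforce the same check, since hiding the form does not stop a request.
		if($userisadmin == true) {

		?>

			<tr><td align="center" colspan="2">
				<h2>Upload demo</h2>
				<form enctype="multipart/form-data" action="bandetails.php?banid=<?php echo urlencode($banid); ?>" method="post">
					<input type="file" name="postdemo" />
					<input type="submit" value="Upload" name="postbandemo" />
				</form>

			</td></tr>
		<?php
		}
		?>

		</table>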
		
		
		<br />
		
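		<?php if($userisadmin == true) { ?>
			<table class="table" id="tableborder" cellspacing="3" cellpadding="5" align="center">
				<tr><td align="center" colspan="2"><h1>Ban Notes</h1></td></tr>

				<?php

					// Admin-only list of notes on this ban, oldest first, followed by the post form.
					if($nobannotes == true) {
						echo '<tr><td width="450"><p>No Ban Notes</p></td></tr>';
					} else {

						while($bannotesinfo = mysql_fetch_assoc($bannotesq)) {

							$bannoteauthorid = $bannotesinfo['admin_id'];

							$bannoteid = $bannotesinfo['id'];

							// The author id was read from the database; escape it before it goes
							// back into a quoted SQL literal.
							$bannoteauthorq = mysql_query("SELECT name FROM sm_admins WHERE id='" . mysql_real_escape_string($bannoteauthorid) . "'") or die(mysql_error());
							$bannoteauthora = mysql_fetch_array($bannoteauthorq);
							$bannoteauthor = $bannoteauthora['name'];

							// Escape first, then turn line breaks into <br />, so the only markup
							// in the rendered note is the line breaks added here.
							// NOTE(review): if sanitizeString() already HTML-encodes on input this
							// double-encodes; confirm and keep the encoding in one place.
							$bannotetext = preg_replace( "#\r\n|\n|\r#", '<br />', htmlspecialchars(stripslashes($bannotesinfo['post']), ENT_QUOTES));

				?>

							<tr><td align="center" >
								<b><a href="profile.php?id=<?php echo urlencode($bannoteauthorid); ?>"><?php echo htmlspecialchars($bannoteauthor, ENT_QUOTES); ?></a></b><br/>
								<?php

									echo date("M. j, Y g:i a", strtotime($bannotesinfo['timestamp']));
									// NOTE(review): this form posts no note id and no anti-CSRF token;
									// confirm how the delete handler learns which note to remove.
									if ($user->data['group_id'] == $mgmtgroup) {
								?>
										<br/>

										<form action="bandetails.php?banid=<?php echo urlencode($banid); ?>" method="post" name="deletenote"><input type="submit" class="searchbutton" name="deletenote" value="Delete Note" /></form>
									<?php } ?>
									</td>
									<td align="left" width="400"><p><?php echo $bannotetext; ?></p></td>
								</tr><tr><td colspan="2"><hr></td></tr>
			<?php
						}
					}
			?>

				<tr><td align="center" colspan="2">
					<h2>Post Ban Note</h2>
					<form action="bandetails.php?banid=<?php echo urlencode($banid); ?>" method="post">
						<textarea rows="2" class="searchentry" name="posttext"></textarea>
						<input type="submit" class="searchbutton" value="Post" name="postbannote" />
					</form>

				</td></tr>

			</table>
		<?php
		}
		?>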
	

		<?php 

	}
	
	include('inc/bottom.php');

?>